WA: MCG Health notifies patients and health plan members of data breach

Seattle-based MCG Health, LLC (“MCG”) provides patient care guidelines to providers and health care plans. According to a notice on their website that was also issued as a press release yesterday, on March 25, 2022, they determined that an unauthorized… Continue reading WA: MCG Health notifies patients and health plan members of data breach

Data breach lawsuits settle: UPMC vendor and a holding company for department stores

Two potential class action lawsuits involving data breaches have reportedly settled. One awaits final approval in October, but the other settlement is already final. University of Pittsburgh Medical Center data breach $450K class action settlement Duri… Continue reading Data breach lawsuits settle: UPMC vendor and a holding company for department stores

Personal and sensitive files from Tehama County Social Services leaked on dark web. Have the victims been notified?

On their dark web blog, Quantum threat actors claim to have acquired 32 GB of files from Tehama County Social Services in California. Quantum describes the files as involving information of county clients and employees: Financial information, budgets, … Continue reading Personal and sensitive files from Tehama County Social Services leaked on dark web. Have the victims been notified?

Goodman Campbell Brain and Spine alerts patients to ransomware attack while continuing to provide care

Yesterday, Hive threat actors added Goodman Campbell Brain and Spine to their leak site, with a notice that they had encrypted the entity on May 20. They also provided some files as proof. But if Hive hoped this would pressure the multi-location medica… Continue reading Goodman Campbell Brain and Spine alerts patients to ransomware attack while continuing to provide care

AU: Researcher finds ACY Securities leaking 60 GB of User Data

ACY Securities describes itself as one of Australia’s fastest growing multi-asset online CFD trading providers. But as first reported by HackRead, the trading firm was leaking 60 GB of user data until independent researcher Anurag Sen persisted i… Continue reading AU: Researcher finds ACY Securities leaking 60 GB of User Data

Pysa shuttered its leak site before it ever dumped data from more than half a dozen schools. Here’s what we know so far.

The education sector has always been a relatively easy target for cybercriminals. One group in particular —  Pysa —  earned a reputation for its ransomware attacks on schools. Despite analyses and alerts in March, 2021 by threat intel firms… Continue reading Pysa shuttered its leak site before it ever dumped data from more than half a dozen schools. Here’s what we know so far.

Potential privacy breach after documents stolen from abandoned Auckland police station

Rachel Maher reports: Police have alerted the Privacy Commissioner after a burglar broke into the former Auckland police station and stole documents and expired pepper spray. The police were made aware of the break-in while carrying out a search warran… Continue reading Potential privacy breach after documents stolen from abandoned Auckland police station